SOCIOTAL IDENTITY MANAGER

COMPANY / ORGANISATION PROVIDER

Name: SocIoTal

OVERVIEW

Description:

The Identity Management (IdM) system follows a claim-based approach with attribute-based credentials (ABC). The IdM relies on IBM’s Idemix cryptographic library, providing additional means to deal with IoT scenarios where consumers and providers can be not only traditional computers but also smart objects (e.g. smartphones). The IdM gives users and smart objects the means to control and manage the private data on their smartphone by defining partial identities over their whole identity, which is derived from the credential obtained from the Issuer. The use of partial identities ensures a privacy-preserving solution with minimal disclosure of personal information. Unlike in traditional IdMs, the subject smart object is not redirected to its online Identity Provider (IdP) during the transaction, so the IdP is not involved when the target device verifies the smart object’s attributes.

SocIoTal IdM has recently been integrated with FIWARE Keyrock IdM to support traditional and basic, but necessary, identity management operations in scenarios where claim-based access is not needed. Keyrock IdM provides mechanisms such as secure and private authentication from users to devices, networks and services, authorization and trust management, user profile management, privacy-preserving disposition of personal data, single sign-on (SSO) to service domains and identity federation towards applications.

The SocIoTal IdM is composed of five main components:

SocIoTal IdM Android Client: An Android application that allows obtaining Idemix credentials from the Issuer server. It also allows interaction with the Verifier server, which can validate the partial identity derived from the credential.

SocIoTal Issuer Server: A web application implemented with Java servlets and XML-RPC which generates Idemix credentials for clients. Communications are done over HTTPS. The client must be authenticated against the Issuer using a valid certificate. The Issuer also supports the verification functionality.

SocIoTal Verifier Server: A web application, also implemented with Java servlets and XML-RPC, which is able to validate partial identities presented by the client application.

SocIoTal IdM-Enabled Capability Manager: A web application that allows users to obtain capability tokens using their partial identities. In other words, it allows authenticating and demonstrating their attributes by means of Idemix proofs of having a valid credential issued by the Issuer.

SocIoTal IdM KeyRock Client: The Java library provides a basic API for identity management by implementing a client to interact with the FIWARE KeyRock server. To carry out such communication, the SCIM 2.0 and Identity API v3 interfaces provided by this IdM are used.
